package com.zoo.boot.config;

import com.zoo.boot.filter.CaptchaFilter;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

/**
 * Security 认证与授权功能的配置类
 *
 * @Author: WangB
 * @Date: 2021/6/24
 */
public abstract class BaseSecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * 授权配置
     * @param http
     * @throws Exception
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = http.authorizeRequests();
        //不拦截白名单中的路径
        ignoreUrlsConfig().getUrls().stream().forEach(url->registry.antMatchers(url).permitAll());
        //防止跨域攻击
        http.csrf().disable()
                //①、哪些资源应该被拦截
                .authorizeRequests()
                .anyRequest()
                .authenticated()
                .and()
                .headers()
                .frameOptions()
                .disable();

        http.addFilterBefore(captchaFilter(), UsernamePasswordAuthenticationFilter.class);
    }

    /**
     * 过滤名单清单
     * @return
     */
    @Bean
    public IgnoreUrlsConfig ignoreUrlsConfig() {
        return new IgnoreUrlsConfig();
    }


    @Bean
    public CaptchaFilter  captchaFilter(){
        return  new CaptchaFilter();
    }

}
